Phishing scams are among the more subtle of cyber threats — and often the most destructive. Consider these tips for protecting your information in the digital age.
Casting a Wide Net
So what exactly are phishing scams? The fraudsters of the digital age, phishing refers to online scammers who operate by impersonating reputable agents, such as financial institutions, cable providers, and any other entity that may request personal information. Most often, phishing scams occur in the form of emails requesting information such as social security numbers, routing numbers, and bank account data.
Other common phishing scams include emails with links to fraudulent websites that mirror legitimate entities. Malware may be contained in attachments or consumers may be instructed to respond to an email within a given amount of time, thereby allowing the scammer to obtain private data. Phishing scams utilize the same marketing and data acquisition techniques as social media outlets, often pulling thousands of user trends from sites such as LinkedIn, Facebook, and Twitter. Simply put, phishing scams are the impostors of the internet.
Reeling ‘Em In
Fishing scams come in two main varieties — spear phishing and whale phishing. Spear attacks target individuals, while whaling targets high level executives on a larger scale.
Pharming is another often used technique wherein users are redirected to a scam website or a cloned variant of a reputable site.
Voice phishing via communication media such as GoToMeeting and Skype is another form of digital deception that is on the rise. This type of phishing takes the form of phone calls from the IRS and other entities using prerecorded voice over technology.
Mobile devices may fall victim to similar scams in the form of SMS phishing. Like email scammers, SMS fraudsters use text messages to impersonate legitimate agents.
Shark Proof Your System
The prospect of having your personal information stolen can be daunting. Fortunately, there are ways to protect yourself from phishing scams that won’t turn your data into chum.
Stay informed on phishing scams and know what to look for. Double check URLs and domain names. Often, a scammer will use a false domain name that vaguely matches the email of a reputable entity. If a site looks suspicious, exit. Bookmark links to login pages for banks, credit cards, and other institutions so that you enter via the same secured link every time. Do not open attachments or links from unknown senders and always have a reliable firewall in place.
Install a secured VoIP system for business communications and know which institutions will — and will not — request information via phone. For example, the IRS will never contact you via phone or email.
Pay attention to the language being used. It is unlikely that a legitimate financial institution will ever request login credentials or personal information via email. Lastly, follow the cardinal rule of internet safety — do not ever disclosure your social security number in an unsecured form such as an email or website.